PCT

WORLD INTELLECTUAL PROPERTY ORGANIZATION
International Bureau

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT)

(51) International Patent Classification: H04L 9/32

A1

(11) International Publication Number: WO 00/54457

(43) International Publication Date: 14 September 2000 (14.09.00)

(21) International Application Number: PCT/FI00/00176

(22) International Filing Date: 7 March 2000 (07.03.00)

(30) Priority Data: 990502, 8 March 1999 (08.03.99), FI

(71) Applicant (for all designated States except US): SONERA
SMARTTRUST OY [FI/FI]; c/o Sonera OY, P.O. Box 106,
FIN-00051 Sonera (FI).

(72) Inventor; and

(75) Inventor/Applicant (for US only): VATANEN, Hani [FI/GB];
2 Rushmere Place, Englefield Green, Surrey TW20 0NN (GB).

(74) Agent: PAPULA OY; P.O. Box 981 (Fredrikinkatu 61 A),
FIN-00101 Helsinki (FI).

(81) Designated States: AE, AL, AM, AT, AU, AZ, BA, BB, BG,
BR, BY, CA, CH, CN, CR, CU, CZ, DE, DK, DM, EE,
ES, FI, GB, GD, GE, GH, GM, HR, HU, ID, IL, IN, IS, JP,
KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MA,
MD, MG, MK, MN, MW, MX, NO, NZ, PL, PT, RO, RU,
SD, SE, SG, SI, SK, SL, TJ, TM, TR, TT, TZ, UA, UG,
US, UZ, VN, YU, ZA, ZW, ARIPO patent (GH, GM, KE,
LS, MW, SD, SL, SZ, TZ, UG, ZW), Eurasian patent (AM,
AZ, BY, KG, KZ, MD, RU, TJ, TM), European patent (AT,
BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU,
MC, NL, PT, SE), OAPI patent (BF, BJ, CF, CG, CI, CM,
GA, GN, GW, ML, MR, NE, SN, TD, TG).

Published

With international search report.

Before the expiration of the time limit for amending the
claims and to be republished in the event of the receipt of
amendments.

In English translation (filed in Finnish).

(54) Title: METHOD AND SYSTEM IN A TELECOMMUNICATION SYSTEM


[Figure: mobile station (MS) with reference numerals 1, 3, 4, 7, 8; MOBILE NETWORK; SERVICE PROVIDER (SP); reference numerals 5, 6]



(57) Abstract

Method, system and mobile station for implementing a secure transaction.
The system comprises a mobile communication network (MN), a service
provider (SP) communicating with the mobile communication network, a
mobile station (MS) communicating with the mobile communication network
(MN) and via it with the service provider (SP), said mobile station (MS)
comprising a subscriber identity module (SIM), and a service application
(APP) stored in the subscriber identity module (SIM), said mobile
station (MS) communicating with the service provider (SP) over the
mobile communication network (MN). The system further comprises means
(1) for transferring the material needed in the transaction into the
mobile station (1), and means (1) in the mobile station (MS) for
presenting the material to the user. According to the invention, the
system further comprises means (3) for requesting the user's acceptance
of the material for signature, means (4) for activating a PIN inquiry if
the user accepts the material, means (5) for checking the correctness of
the PIN code entered by the user in the subscriber identity module, and
means (6) for encrypting and/or signing the material using the service
application stored in the subscriber identity module if the PIN code
entered by the user is correct.

METHOD AND SYSTEM IN A TELECOMMUNICATION SYSTEM

The present invention relates to telecommunication systems. In
particular, the invention concerns an advanced method and system of a
new type that allows the receiver of a service to safely and flexibly
accept the material needed in a transaction via his/her mobile station.

BACKGROUND OF THE INVENTION 

In prior art, a known practice is to use a digital mobile station in a
communication system, such as the GSM system (Global System for Mobile
communications, GSM), for commercial transactions, such as paying a bill
or remitting a payment, by electronic means. Patent specification
US 5,221,838 presents a device which can be used for making a payment.
The specification describes an electronic payment system in which a
terminal capable of wireless and/or wired data transfer is used as a
payment terminal. The terminal described in the specification comprises
a card reader, a keyboard, a bar code reader for data input and a
display for presentation of payment information.

Patent specification WO 94/11849 presents a method for utilization of
telecommunication services and for performing payment transfers via a
mobile telephone system. The specification describes a system comprising
a terminal which communicates over a telecommunication network with a
service provider's mainframe computer containing the service provider's
payment system. A terminal in the mobile telephone network, i.e. a
mobile station, can be provided with a subscriber identity unit which
contains information required for subscriber identification and
encryption of telecommunication traffic. The information can be read
into the terminal for use in mobile stations. As an example, the
specification mentions the GSM system, in which a SIM card (Subscriber
Identity Module, SIM) is used as a subscriber identity unit.

In the system described in specification WO 94/11849, the mobile station
communicates with a base transceiver station in the mobile communication
network. According to the specification, a connection is set up from the
base transceiver station further to a payment system and the amount to
be paid as well as the data required for subscriber identification are
transmitted to the payment system. In the bank service described in the
specification, the client inserts a bank service card containing a SIM
unit into a GSM network terminal. In the telephone based bank service,
the terminal may be a standard GSM mobile station. Using the method
described in the specification it is possible to use a wireless
telecommunication connection for remitting payments and/or paying bills
or implementing other corresponding bank services.

A problem in the prior-art solutions is that they do not pay attention
to the reliability of a payment transaction carried out by means of a
mobile station. It is important that the application in the mobile
station which makes the payment transaction possible should verify the
user's authenticity separately for each transaction. When a mobile
station is used for remitting a payment, it is important that both the
payer and the payee can rely on the system. The payer needs to know
exactly what he is paying for, how much he is paying, to whom he is
paying, and so on. On the other hand, the receiver of the payment needs
to know with certainty that the payer has expressed his will for the
remittance of the payment.

Digital signature, which is considered a general requirement in
electronic payment, is used for verification of the integrity of the
material transmitted and the authenticity of the sender. A digital
signature is generated by encrypting a hash code computed from the
material to be transmitted, using the sender's secret key. Since nobody
else knows the sender's secret key, the receiver, when decrypting the
information using the sender's public key, can ascertain that the
material is unchanged and that it has been generated by the sender. An
example of the algorithm used in digital signature is the RSA encryption
algorithm, which is a public and private key encryption system and which
is also used for the encryption of messages.

OBJECT OF THE INVENTION 

The object of the present invention is to eliminate the problems
described above or at least to alleviate them. A specific object of the
invention is to disclose a new type of method and system for accepting
material needed in a transaction separately for each transaction. In
this context, 'material' may refer to many types of electronically
interpretable message, notice or data structure of various contents.
The material may consist of object type or software object type
information which can be processed in an electronic form.

A further object of the invention is to disclose a simple method for
implementing commercial transactions, such as paying bills and banking,
by means of a mobile station, a method that can be easily implemented
with modern technology.

SUBJECT OF THE INVENTION

The invention concerns a method for implementing a secure transaction by
means of a mobile station which comprises a subscriber identity module
and a service application stored in the subscriber identity module. The
mobile station communicates with a service provider via a mobile
communication network. The mobile communication network may be a GSM
network. In the method, the material needed in the transaction is
transferred into the mobile station and the material is presented by
means of the mobile station. After that, according to the invention, the
user is asked to give his/her approval for signature of the material, a
PIN inquiry is activated in the mobile station if the user accepts the
material, the PIN code entered by the user is checked for correctness in
the subscriber identity module, and, if the PIN code given by the user
is correct, the material is encrypted and/or signed using the service
application stored in the subscriber identity module.

In an embodiment of the invention, if the user of the mobile station
does not accept the material needed in the transaction for signature or
if three successive entries of the user's PIN code are incorrect, then a
reject message is sent to the service provider having generated the
material. The material can be generated using a pre-agreed form overlay
in which the essential information is filled in before its being
transferred into the mobile station, or using some other mutually agreed
and known data structure.

In the foregoing, a procedure has been described in which the client
accepts the material he/she sees on the display of the mobile station,
which material, after being accepted, is sent to the service provider,
such as a bank. The client or mobile station user may communicate
locally with an automatic payment machine or equivalent, in which case
the payment machine transmits to the client the material intended to be
accepted. In this case, the client exchanges messages locally with the
payment machine and the payment machine transmits the digital signature
information further. The local communication can be performed without
necessarily using a mobile communication network.

From the payment traffic it is handling, the payment machine can infer
that the client has accepted the service and payment form presented.
Thus, the machine can serve the client locally in the manner desired and
approved by the client, without necessarily expecting the bank's
approval for it. In practice, the situation corresponds to the normal
practice when a client pays for products or services using his/her bank
card e.g. at a cash desk in a store and the store provides the
products/services to the client without contacting the bank to verify
the authenticity of the payment.

The material may also be encrypted before being transferred into the
mobile station, in which case the material has to be decrypted before
being signed. In this way, it is possible to make sure that only the
intended mobile station will receive the material transmitted and to
guarantee security of the information.

In one embodiment, the mobile station may be required to be started in
signature mode before the material is transferred into it. In practice,
this may mean that the user has to enter another predetermined PIN code
with which the mobile station has been configured to start in a
predetermined signature mode. Thus, a kind of local authentication can
be used.

The invention also concerns a system for implementing a secure
transaction using a mobile station, said system comprising a mobile
communication network, a service provider communicating with the mobile
communication network, and a mobile station communicating with the
mobile communication network and over the network with the service
provider. The mobile station comprises a subscriber identity module and
a service application stored in the subscriber identity module. The
mobile station preferably communicates with the service provider via the
mobile communication network. The system additionally comprises means
for transferring the material needed in the transaction into the mobile
station. These means may be implemented in the mobile communication
network and in the mobile station e.g. using a short message service or
using a local link, e.g. an infrared link or a Bluetooth link. A more
detailed description of the Bluetooth technology is presented e.g. on
WWW page www.bluetooth.com. In addition, the mobile station comprises
means, such as a display, for presenting the material to the user.

According to the invention, the system comprises means for requesting
the user's acceptance of the material, means for activating a PIN
inquiry if the user accepts the material, means for verifying the PIN
code supplied by the user in the subscriber identity module, and means
for encrypting and/or signing the material using the service application
stored in the subscriber identity module if the PIN code given by the
user is correct.

Moreover, the system may further comprise means for sending a reject
message to the service provider having generated the material if the
user of the mobile station does not accept the material needed in the
transaction for signature or if the PIN code input into the mobile
station is incorrect.

As compared with prior art, the invention has the advantage that it
makes it easier to implement payment applications, verification
operations and the like using a mobile station while at the same time
providing a higher level of security for the users. The invention allows
reliable use of a mobile station for accepting material needed in a
transaction and for signing it digitally, allowing acceptance and
digital signature to be applied in conjunction with many different
applications.

LIST OF ILLUSTRATIONS 

In the following, the invention will be described by the aid of
preferred examples of its embodiments with reference to the attached
drawing, wherein:

Fig. 1 presents a preferred system according to the present invention;

Fig. 2 presents a diagram of a preferred arrangement according to the
present invention; and

Fig. 3 presents a diagram representing a preferred embodiment of the
present invention.

The system presented in Fig. 1 comprises a mobile communication network,
a mobile station MS connected to it and a service provider SP. The
mobile communication network may be e.g. a GSM network. The service
provider may be a store, a bank, a parking facility, a ticket office or
any corresponding service provider. In practice, the service provider is
connected to the mobile communication network via a terminal or server
resembling a mobile station or via a combination of these. However, it
will not be described here in detail because there are various devices
obvious to the skilled person that the service provider can use as a
link to the mobile communication network.

The mobile station comprises a subscriber identity module SIM with a
service application APP stored in it, said service application
implementing the transaction at the mobile station end in cooperation
with the service provider, and a display 2 for presenting the material
to the user. Stored in the service application are also the encryption
and decryption keys needed in the transaction. In addition, the service
application has information regarding other parameters and data
structures used in the service.

The mobile station presented in Fig. 1 further comprises means 3 for
requesting the user's acceptance of the material, means 4 for activating
a PIN inquiry if the user accepts the material, means 5 for checking the
PIN code supplied by the user for correctness in the subscriber identity
module, and means 6 for encrypting and/or signing the material using the
service application stored in the subscriber identity module if the PIN
code given by the user is correct. Means 3, 4, 5 and 6 may be
implemented in a suitable component in the mobile station or in the
subscriber identity module, or some of them may be implemented as
separate components in the mobile station and in the subscriber identity
module. In the system presented in this figure, the PIN code is checked
for correctness in the subscriber identity module using means 5 and the
material is also encrypted and/or signed in the subscriber identity
module using means 6.

The system illustrated in Fig. 1 further comprises means for sending a
reject message to the service provider having generated the material if
the user of the mobile station does not consent to sign the material
needed in the transaction. The corresponding system comprises means 8
for sending a reject message to the service provider having generated
the material if the PIN code entered into the mobile station is
incorrect. This alternative is optional, and the message can be sent
e.g. when incorrect entries are to be recorded in the system. In
practice, this can be implemented by sending a message to the service
provider after the user has entered an incorrect PIN code e.g. three
times. The service provider can then take measures to establish the
authenticity of the user of the mobile station.






Fig. 2 presents a diagram visualizing an embodiment of the present
invention. In the figure, the material DATA to be signed has been
printed on the display of the mobile station 2, and the user may either
accept or reject it. When the user presses the Accept button to indicate
that he/she accepts the material DATA, the user's choice triggers the
next action in the procedure. The text "PIN:?" appears on the display,
asking the user to give a transaction-specific PIN code. After the user
has keyed in a correct PIN code, the service application APP (Fig. 1)
performs the required operations on the material and sends it to the
service provider SP together with an accept message. If the user rejects
the data, then a reject message is sent to the service provider.

Fig. 3 presents a flow diagram representing a preferred embodiment of
the invention. First, the material is transferred into the mobile
station, block 31. In the mobile station, the material is presented e.g.
on the display 2 (see Fig. 1), block 32. At the same time, the user is
asked whether he/she will accept or reject the material, block 33. If
the user accepts the material, then the procedure goes on to block 35,
where the required actions for encrypting and/or signing the material
are performed. After that, the material together with an accept message
is sent to the service provider, block 36. If in block 33 the user
rejects the material, then the procedure goes on to block 34 and a
reject message is sent to the service provider.
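
The flow of Figs. 2 and 3 combined with the three-entry PIN rule, as an added sketch that is not part of the patent text. The class and function names, the message fields, the sample PIN and bill, and the toy RSA key are assumptions made for illustration; the signature is the hash-then-private-key scheme described in the background section.

```python
import hashlib
import hmac

# Constructed toy RSA key built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key held by the service provider
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, kept inside the SIM


def digest_int(material: bytes) -> int:
    """Hash code of the material, reduced so that it is smaller than the modulus."""
    return int.from_bytes(hashlib.sha256(material).digest(), "big") % N


class SimServiceApp:
    """Hypothetical model of the service application APP stored in the SIM."""

    MAX_PIN_TRIES = 3

    def __init__(self, pin: str, private_exponent: int):
        self._pin = pin.encode()
        self._d = private_exponent

    def _pin_ok(self, entry: str) -> bool:
        # Means 5: the check runs inside the SIM, using a timing-safe comparison.
        return hmac.compare_digest(entry.encode(), self._pin)

    def transact(self, material: bytes, user_accepts: bool, pin_entries):
        """Blocks 33 to 36 of Fig. 3, with the PIN inquiry of Fig. 2 in between."""
        if not user_accepts:                          # block 33 -> block 34
            return {"type": "reject", "reason": "declined"}
        for tries, entry in enumerate(pin_entries, start=1):
            if self._pin_ok(entry):                   # block 35: sign the hash code
                sig = pow(digest_int(material), self._d, N)
                return {"type": "accept", "material": material, "signature": sig}
            if tries == self.MAX_PIN_TRIES:           # later entries are never examined
                break
        return {"type": "reject", "reason": "pin"}    # means 8


def provider_verifies(message: dict) -> bool:
    """Service provider side: recompute the hash and compare it with the signature."""
    if message.get("type") != "accept":
        return False
    return pow(message["signature"], E, N) == digest_int(message["material"])


def demo():
    app = SimServiceApp(pin="4711", private_exponent=D)     # constructed PIN
    bill = b"PAY 25.00 EUR TO PARKING-HALL-7 REF 000123"    # constructed material
    accepted = app.transact(bill, True, ["0000", "4711"])
    declined = app.transact(bill, False, [])
    exhausted = app.transact(bill, True, ["1", "2", "3", "4711"])
    # Material altered after signing: the signature no longer matches.
    tampered = dict(accepted, material=bill.replace(b"25.00", b"95.00"))
    return (provider_verifies(accepted), declined["reason"],
            exhausted["reason"], provider_verifies(tampered))
```

Because the signature covers a hash of the exact material presented to the user, a provider that verifies it also detects any change made to the amount or payee after acceptance.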

To sum up, it can be stated that the invention significantly facilitates
the operations to be carried out by a mobile station user in conjunction
with a transaction made via a mobile station. The invention also
improves the security of transactions made via a mobile station. In
practice, the encrypting and signing procedures needed in the method of
the invention are based on an application which is stored in the
subscriber identity module and/or mobile station e.g. in a digital
signal processor and which performs the required operations on the
material after the user has accepted it. The material can be transmitted
into the mobile station on the basis of an order made e.g. by telephone
or over the Internet, in which case the acceptance of the material
functions as a kind of acknowledgement to the service provider with whom
the order was placed. Accepting the material may constitute an
acknowledgement and approval of an order, offer, parking charge or any
relevant service involving a transaction.

The present invention is not restricted to the examples of its
embodiments described above; instead, many variations are possible
within the sphere of protection defined in the claims.

CLAIMS

1. Method for implementing a secure transaction using a mobile station
comprising:
a subscriber identity module,
a service application stored in the subscriber identity module, said
mobile station communicating with a service provider over a mobile
communication network,
said method comprising the steps of:
transferring the material needed in the transaction into the mobile
station, and
presenting the material on the mobile station, characterized in that the
method further comprises the steps of:
requesting the user's acceptance of the material,
activating a PIN inquiry if the user accepts the material,
checking the PIN code entered by the user for correctness in the
subscriber identity module, and
encrypting and/or signing the material using the service application
stored in the subscriber identity module if the PIN code given by the
user is correct.

2. Method as defined in claim 1, characterized in that
a reject message is sent to the service provider having generated the
material if the user of the mobile station does not accept the material
needed in the transaction for signature.

3. Method as defined in claim 1, characterized in that
a reject message is sent to the service provider having generated the
material if the PIN code input into the mobile station is incorrect.

4. Method as defined in any one of the preceding claims 1, 2 or 3,
characterized in that
the material is composed using a pre-agreed form overlay provided with
an identifier, in which the essential information is filled in before
its being transferred into the mobile station.

5. Method as defined in any one of the preceding claims 1, 2, 3, or 4,
characterized in that
the mobile station is started in signature mode before the material is
transferred into the mobile station.

6. Method as defined in any one of the preceding claims 1, 2, 3, 4 or 5,
characterized in that
the message is signed and/or encrypted using a public and private key
method.

7. System for implementing a secure transaction using a mobile station,
said system comprising:
a mobile communication network (MN),
a service provider (SP) communicating with the mobile communication
network,
a mobile station (MS) communicating with the mobile communication
network (MN) and via the network with the service provider (SP), said
mobile station (MS) comprising:
a subscriber identity module (SIM), and
a service application (APP) stored in the subscriber identity module
(SIM) and a mobile station (MS) communicating with the service provider
(SP) over the mobile communication network (MN),
means (1) for transferring the material needed in the transaction into
the mobile station (1), and
means (2) in the mobile station (MS) for presenting the material,
characterized in that the system further comprises:
means (3) for requesting the user's acceptance of the material,
means (4) for activating a PIN inquiry if the user accepts the material,
means (5) for checking the PIN code entered by the user for correctness
in the subscriber identity module, and
means (6) for encrypting and/or signing the material using the service
application stored in the subscriber identity module if the PIN code
entered by the user is correct.

8. System as defined in claim 7, characterized in that the system
further comprises:
means (7) for sending a reject message to the service provider having
generated the material if the user of the mobile station does not accept
the material needed in the transaction for signature.

9. System as defined in claim 7, characterized in that the system
further comprises:
means (8) for sending a reject message to the service provider having
generated the material if the PIN code entered into the mobile station
is incorrect.

10. System as defined in any one of the preceding claims 7, 8 or 9,
characterized in that
a pre-agreed form overlay provided with an identifier has been stored in
the subscriber identity module, in which form overlay the essential
information is filled in and which is used for presenting the material
to the user.

11. Mobile station for implementing a secure transaction, said mobile
station (MS) comprising:
a subscriber identity module (SIM), and
a service application (APP) stored in the subscriber identity module
SIM,
means (1) for receiving the material needed in the transaction into the
mobile station (1), and
means (2) for presenting the material,
characterized in that the mobile station further comprises:
means (3) for requesting the user's acceptance of the material,
means (4) for activating a PIN inquiry if the user accepts the material,
means (5) for checking the PIN code entered by the user for correctness
in the subscriber identity module, and
means (6) for encrypting and/or signing the material using the service
application stored in the subscriber identity module if the PIN code
entered by the user is correct.

12. Mobile station as defined in claim 11, characterized in that the
mobile station further comprises:
means (7) for sending a reject message to the service provider having
generated the material if the user of the mobile station does not accept
the material needed in the transaction for signature.

13. Mobile station as defined in claim 11, characterized in that the
system further comprises:
means (8) for sending a reject message to the service provider having
generated the material if the PIN code input into the mobile station is
incorrect.